The present invention relates generally to the field of computer network security, and more particularly to monitoring a system for intrusion and changing a network address to mitigate the intrusion.
The Internet Protocol version 4, or IPv4, is the defined standard internet protocol (IP) in the world today, but it is being replaced by the more advanced IPv6, to help solve IP address exhaustion, or the unavailability of free IP address, due to the limited amount of available addresses under IPv4 at any one time. IPv4 uses 32 bits to define each address, which, in total, allows for roughly four billion possible addresses. During the inception of IPv4 in 1981 the amount of available address in a 32 bit system did not seem limiting, however, with the amount of devices accessing the internet always increasing, IP address exhaustion has become an issue. IPv6 uses 128 bits for each address. An IPv6 address consists of 128 bits, therefore allowing for a significantly larger amount of possible IP addresses. Under the 128 bit IPv6 protocol there are 2^128 or roughly 3.4×10^38 available addresses as opposed to the 4.3×10^9 available addresses under IPv4.
The limited number of available IP address under IPv4 may make computer devices using IPv4 vulnerable to cyber-security attacks. One example that is prevalent is a Denial-of-Service (DoS) or Distributed DoS (DDoS) attack. In a DoS attack, an attacker bombards a victim network or server with a large volume of message traffic. Handling this traffic consumes the victim's available bandwidth, CPU capacity, or other system resources, and eventually brings the victim to a condition in which it is unable to serve its legitimate clients. A DDoS attacks can be even more damaging, as they involve creating overwhelming additional network traffic from multiple sources simultaneously. This may be called a zombie, or botnet, attack. A DDoS attack may occur when an attacker attempts to control a large number of devices on a network by using malicious programs that self-replicate across the network by exploiting security flaws in widely-used services.